Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
File: 5b8eca1c-0001-4580-9357-36838b685542.roa (raw, json)
Hash identifier: kp67+bixPHxilQWql9KD3axPEJ+6/IrUQg029nElV5s=
Subject key identifier: 23:B6:3B:79:59:6B:DE:0D:E3:91:ED:7C:CC:98:71:B5:3F:0B:22:5B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 39FA5EF03F9E93D08A01F6E0C2540CBA61ADDD36
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
Signing time: Fri 08 Nov 2024 00:00:00 +0000
ROA not before: Fri 08 Nov 2024 00:00:00 +0000
ROA not after: Fri 13 Dec 2024 23:59:59 +0000
asID: 16509
IP address blocks: 159.239.0.0/16 maxlen: 24
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:16:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:fa:5e:f0:3f:9e:93:d0:8a:01:f6:e0:c2:54:0c:ba:61:ad:dd:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 8 00:00:00 2024 GMT
Not After : Dec 13 23:59:59 2024 GMT
Subject: serialNumber=85a5d27b0951d34f9fd7be1ef28428fa864df68d3f6192021171e6849e69a466, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:dd:02:8f:c6:46:12:f9:75:b8:a9:35:ed:60:
96:eb:09:13:75:e7:05:8f:f4:38:d2:bf:d8:33:da:
f8:96:b7:12:23:33:d2:7b:68:c3:72:bb:f7:01:df:
6a:01:7d:c7:9a:5d:bf:49:42:61:40:9b:d5:76:9d:
d9:ad:72:da:0d:8d:04:26:fc:a0:cb:cc:79:17:73:
da:94:b6:2d:db:6c:98:7d:fe:e0:03:57:7a:18:43:
69:ff:b4:2a:e4:f7:44:f0:12:79:de:b1:b1:d0:f5:
15:d1:23:97:c5:d8:c7:51:fb:06:85:cc:ab:e1:f1:
0b:70:fd:a2:32:45:09:17:07:4a:2b:21:24:ba:37:
2e:1f:5f:ca:e8:14:65:39:c4:86:d9:8c:87:c0:77:
32:0b:a6:a8:4a:36:49:f5:70:27:72:a3:da:83:43:
7e:9d:c5:d5:4d:1c:73:bf:8f:9a:f1:b5:9d:4f:eb:
ae:a6:a3:cd:e8:d1:56:82:e7:60:8b:11:9b:3a:e6:
34:5d:d6:f8:b8:39:7a:2d:fe:52:a9:cf:8c:ff:3d:
5e:71:c2:16:0a:14:d5:c2:2f:0f:d9:95:04:a0:03:
40:b5:76:70:bf:00:5e:87:96:ab:a3:3c:08:a2:73:
c2:89:35:e7:46:b7:aa:b3:48:9a:10:1f:e5:7e:14:
0c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:B6:3B:79:59:6B:DE:0D:E3:91:ED:7C:CC:98:71:B5:3F:0B:22:5B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5b8eca1c-0001-4580-9357-36838b685542.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.239.0.0/16
Signature Algorithm: sha256WithRSAEncryption
b1:c8:fa:91:af:a8:86:d7:12:10:6b:08:8d:08:86:c9:64:49:
e1:a6:42:d9:c1:bb:d2:d5:9d:a5:e8:e0:15:77:ee:04:1f:86:
37:bb:73:05:d0:bd:5d:45:f2:2c:73:71:dc:b4:24:63:5e:8f:
4a:b5:f2:7a:91:9f:19:3e:1a:82:fe:98:63:7f:6d:ba:28:cd:
19:7b:e1:d5:6b:2e:d4:95:7c:14:de:ce:24:9d:7c:6d:60:c1:
ae:f7:21:b2:82:6c:49:cc:c6:80:e1:fc:e2:4a:97:11:72:bf:
7d:02:5f:88:bb:11:fa:59:c0:89:2c:15:7f:98:2d:29:e4:63:
b9:4d:83:49:c9:c9:ac:f3:11:c7:81:eb:86:a0:b8:cb:70:fd:
41:e7:da:3a:c9:0d:c0:41:30:83:bb:89:c0:c2:ca:4f:82:05:
63:35:d7:6e:01:cb:e6:00:9c:3c:78:43:23:4a:cb:6c:67:13:
b2:db:89:bc:5d:07:e7:35:6e:80:5c:e5:b5:ce:9c:83:df:cd:
f9:80:8f:50:b3:7b:d1:0f:26:66:ec:ba:59:cc:68:71:34:d4:
b5:67:09:a9:e7:a0:18:08:b7:c3:49:ac:e3:4e:d8:da:ff:03:
6d:5d:6e:83:1a:92:d5:26:5a:39:ab:2c:57:4b:67:2d:0c:51:
37:d0:3e:ae
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOfpe8D+ek9CKAfbgwlQMumGt3TYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMDgwMDAwMDBaFw0yNDEyMTMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg1YTVkMjdiMDk1MWQzNGY5ZmQ3YmUxZWYyODQyOGZhODY0ZGY2OGQzZjYx
OTIwMjExNzFlNjg0OWU2OWE0NjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJDdAo/GRhL5dbipNe1glusJE3XnBY/0ONK/2DPa+Ja3EiMz0ntow3K79wHf
agF9x5pdv0lCYUCb1Xad2a1y2g2NBCb8oMvMeRdz2pS2LdtsmH3+4ANXehhDaf+0
KuT3RPASed6xsdD1FdEjl8XYx1H7BoXMq+HxC3D9ojJFCRcHSishJLo3Lh9fyugU
ZTnEhtmMh8B3MgumqEo2SfVwJ3Kj2oNDfp3F1U0cc7+PmvG1nU/rrqajzejRVoLn
YIsRmzrmNF3W+Lg5ei3+UqnPjP89XnHCFgoU1cIvD9mVBKADQLV2cL8AXoeWq6M8
CKJzwok150a3qrNImhAf5X4UDG8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQjtjt5
WWveDeOR7XzMmHG1PwsiWzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWI4ZWNhMWMtMDAwMS00NTgwLTkzNTctMzY4MzhiNjg1NTQyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAJ/vMA0G
CSqGSIb3DQEBCwUAA4IBAQCxyPqRr6iG1xIQawiNCIbJZEnhpkLZwbvS1Z2l6OAV
d+4EH4Y3u3MF0L1dRfIsc3HctCRjXo9KtfJ6kZ8ZPhqC/phjf226KM0Ze+HVay7U
lXwU3s4knXxtYMGu9yGygmxJzMaA4fziSpcRcr99Al+IuxH6WcCJLBV/mC0p5GO5
TYNJycms8xHHgeuGoLjLcP1B59o6yQ3AQTCDu4nAwspPggVjNdduAcvmAJw8eEMj
SstsZxOy24m8XQfnNW6AXOW1zpyD3835gI9Qs3vRDyZm7LpZzGhxNNS1Zwmp56AY
CLfDSazjTtja/wNtXW6DGpLVJlo5qyxXS2ctDFE30D6u
-----END CERTIFICATE-----
Generated at Thu Nov 21 21:03:29 2024 by rpki-client on console-fra.rpki-client.org